<?php
/**
 *	[TWCMS] (C)2012 TongWang Inc.
 *	$Id: admin.php 2 2013-04-27 07:14:17Z nanown@qq.com $
 */
class admin extends base{
	public $auser;
	public $navs;
	public $title;
	public $place;
	public $form;

	public function __construct(){
		parent::load_db();
		$this->login();
	}

	public function set_title() {
		$this->title = !empty($this->navs[$_GET['mod']]['sub'][$_GET['action']]) ? $this->navs[$_GET['mod']]['sub'][$_GET['action']] : '&#26410;&#30693;';
		$this->place = (!empty($this->navs[$_GET['mod']]['name']) ? $this->navs[$_GET['mod']]['name'] : '&#26410;&#30693;').' &#187; '.$this->title;
	}

	private function login(){
		if($_GET['mod']=='logout') {
			$this->logout();
		}elseif($_GET['mod']=='login' && $_POST) {
			$this->login_submit();
		}else{
			if(isset($_POST[TW_UPID])) {
				$_COOKIE[TW_COOKIEPRE.'admauth'] = $_POST[TW_UPID];
			}
			if(!empty($_COOKIE[TW_COOKIEPRE.'admauth'])) {
				list($user, $pwd, $rands) = explode("\t", sys_auth($_COOKIE[TW_COOKIEPRE.'admauth'], 'DECODE'));
				if($user && $pwd && $rands) {
					$this->auser = $this->db->fetch_first('SELECT * FROM `'.TW_DBPRE.'admin` A LEFT JOIN `'.TW_DBPRE.'admin_group` G ON A.gid=G.gid WHERE A.user='.S($user).' LIMIT 1');
				}
			}
			if(!empty($this->auser) && $this->auser['password']==$pwd && $rands==$this->auser['random']) {
				if($_GET['mod'] == 'json') return;
				$this->navs = include TWCMS_DATA.'system'.D.'navs.php';
				if($_GET['mod']=='admin'){
					require load_tpl($_GET['mod']);
				}elseif($_GET['mod']=='login') {
					jsjump(ADMNAME);
				}else{
					$this->set_title();
				}
			}elseif($_GET['mod']!='login' && !empty($this->auser) && $this->auser['password']==$pwd && $rands!=$this->auser['random']) {
				jsjump(ADMNAME.'?mod=login', '您的帐号已被踢出登陆！');
			}elseif($_GET['mod']=='login'){
				require load_tpl('login');
			}else{
				jsjump(ADMNAME.'?mod=login');
			}
		}
	}

	private function login_submit(){
		$_POST = _trim($_POST);
		if(empty($_POST['username'])) {
			exit('{"name":"username", "message":"啊哦，帐号不能为空哦！"}');
		}elseif(empty($_POST['password'])){
			exit('{"name":"password", "message":"啊哦，密码不能为空哦！"}');
		}elseif(strlen($_POST['password']) < 6){
			exit('{"name":"password", "message":"啊哦，密码不能小于6位哦！"}');
		}
		$pwd = md5($_POST['password']);
		$users = $this->db->fetch_first('SELECT uid,password,random FROM `'.TW_DBPRE.'admin` WHERE user='.S($_POST['username']).' LIMIT 1');
		if(empty($users) || $users['password']!=$pwd) {
			exit('{"name":"password", "message":"啊哦，帐号或密码不正确!"}');
		}else{
			$ip = ip();
			$U = $this->db->fetch_first('SELECT logintime,loginip FROM `'.TW_DBPRE.'member` WHERE uid='.$users['uid']);
			if($U['loginip']!=$ip || $U['logintime']<time()-86400) {
				$rands = 'TW'.random(16, 2);
				$admauth = sys_auth($_POST['username']."\t".$pwd."\t".$rands);
				setcookie(TW_COOKIEPRE.'admauth', $admauth);
				$this->db->query('UPDATE `'.TW_DBPRE.'admin` SET `random`="'.$rands.'" WHERE `uid`='.$users['uid']);
			}else{
				setcookie(TW_COOKIEPRE.'admauth', sys_auth($_POST['username']."\t".$pwd."\t".$users['random']));
			}
			$this->db->query('UPDATE `'.TW_DBPRE.'member` SET `logins`=`logins`+1,`lasttime`=`logintime`,`lastip`=`loginip`,`logintime`='.time().',`loginip`='.S($ip).' WHERE uid='.$users['uid']);
			exit('{"name":"", "message":"登录成功！"}');
		}
	}

	private function logout(){
		setcookie(TW_COOKIEPRE.'admauth', '', time()-3600);
		jsjump(ADMNAME);
	}
}